[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Registration fraud (was Re: RPKI)
Martijn Schmidt via NANOG wrote:
> Given that there is (or should be) an unbroken chain of contracts and
> payments from IANA to RIR (to NIR) to LIR and beyond for all
> non-legacy resources, I'd say they are in a pretty good position to
> take care of the due diligence work to validate an organisation's
> ownership as well as its associated resources and subsequently
> publish the result through a cryptographic signature. If one of the
> RIRs or NIRs is not doing that job properly then we should (at first
> privately) call them out on it and push them to improve.
I'm afraid that improvement is very hard, given the reality of fraud
involving intra-national real estate registration as is exemplified by:
Real estate fraud in Ontario generally includes "mortgage fraud" (e.g.
fraudsters acquire a mortgage fraudulently through false information or
identification and run away with the money, leaving the true home owners
with a significant liability) and "title fraud" (e.g. fraudsters use
stolen identity or forged documents to transfer a registered owner's
title to him or herself without the owner's knowledge).
How can a real estate or IP address registrar detect "forged documents
to transfer a registered owner's title to him or herself without the
owner's knowledge", especially when the transfer is international?
Also, though I think existing code is applicable to fraud involving
IP addresses, its practical applicability for international cases